1
2
3
4
5
6#include <linux/usb.h>
7#include <linux/usb/ch9.h>
8#include <linux/usb/hcd.h>
9#include <linux/usb/quirks.h>
10#include <linux/module.h>
11#include <linux/slab.h>
12#include <linux/device.h>
13#include <asm/byteorder.h>
14#include "usb.h"
15
16
17#define USB_MAXALTSETTING 128
18
19#define USB_MAXCONFIG 8
20
21
22static inline const char *plural(int n)
23{
24 return (n == 1 ? "" : "s");
25}
26
27static int find_next_descriptor(unsigned char *buffer, int size,
28 int dt1, int dt2, int *num_skipped)
29{
30 struct usb_descriptor_header *h;
31 int n = 0;
32 unsigned char *buffer0 = buffer;
33
34
35 while (size > 0) {
36 h = (struct usb_descriptor_header *) buffer;
37 if (h->bDescriptorType == dt1 || h->bDescriptorType == dt2)
38 break;
39 buffer += h->bLength;
40 size -= h->bLength;
41 ++n;
42 }
43
44
45
46 if (num_skipped)
47 *num_skipped = n;
48 return buffer - buffer0;
49}
50
51static void usb_parse_ssp_isoc_endpoint_companion(struct device *ddev,
52 int cfgno, int inum, int asnum, struct usb_host_endpoint *ep,
53 unsigned char *buffer, int size)
54{
55 struct usb_ssp_isoc_ep_comp_descriptor *desc;
56
57
58
59
60
61 desc = (struct usb_ssp_isoc_ep_comp_descriptor *) buffer;
62 if (desc->bDescriptorType != USB_DT_SSP_ISOC_ENDPOINT_COMP ||
63 size < USB_DT_SSP_ISOC_EP_COMP_SIZE) {
64 dev_warn(ddev, "Invalid SuperSpeedPlus isoc endpoint companion"
65 "for config %d interface %d altsetting %d ep %d.\n",
66 cfgno, inum, asnum, ep->desc.bEndpointAddress);
67 return;
68 }
69 memcpy(&ep->ssp_isoc_ep_comp, desc, USB_DT_SSP_ISOC_EP_COMP_SIZE);
70}
71
72static void usb_parse_ss_endpoint_companion(struct device *ddev, int cfgno,
73 int inum, int asnum, struct usb_host_endpoint *ep,
74 unsigned char *buffer, int size)
75{
76 struct usb_ss_ep_comp_descriptor *desc;
77 int max_tx;
78
79
80
81
82 desc = (struct usb_ss_ep_comp_descriptor *) buffer;
83
84 if (desc->bDescriptorType != USB_DT_SS_ENDPOINT_COMP ||
85 size < USB_DT_SS_EP_COMP_SIZE) {
86 dev_warn(ddev, "No SuperSpeed endpoint companion for config %d "
87 " interface %d altsetting %d ep %d: "
88 "using minimum values\n",
89 cfgno, inum, asnum, ep->desc.bEndpointAddress);
90
91
92
93
94
95
96
97
98 ep->ss_ep_comp.bLength = USB_DT_SS_EP_COMP_SIZE;
99 ep->ss_ep_comp.bDescriptorType = USB_DT_SS_ENDPOINT_COMP;
100 if (usb_endpoint_xfer_isoc(&ep->desc) ||
101 usb_endpoint_xfer_int(&ep->desc))
102 ep->ss_ep_comp.wBytesPerInterval =
103 ep->desc.wMaxPacketSize;
104 return;
105 }
106 buffer += desc->bLength;
107 size -= desc->bLength;
108 memcpy(&ep->ss_ep_comp, desc, USB_DT_SS_EP_COMP_SIZE);
109
110
111 if (usb_endpoint_xfer_control(&ep->desc) && desc->bMaxBurst != 0) {
112 dev_warn(ddev, "Control endpoint with bMaxBurst = %d in "
113 "config %d interface %d altsetting %d ep %d: "
114 "setting to zero\n", desc->bMaxBurst,
115 cfgno, inum, asnum, ep->desc.bEndpointAddress);
116 ep->ss_ep_comp.bMaxBurst = 0;
117 } else if (desc->bMaxBurst > 15) {
118 dev_warn(ddev, "Endpoint with bMaxBurst = %d in "
119 "config %d interface %d altsetting %d ep %d: "
120 "setting to 15\n", desc->bMaxBurst,
121 cfgno, inum, asnum, ep->desc.bEndpointAddress);
122 ep->ss_ep_comp.bMaxBurst = 15;
123 }
124
125 if ((usb_endpoint_xfer_control(&ep->desc) ||
126 usb_endpoint_xfer_int(&ep->desc)) &&
127 desc->bmAttributes != 0) {
128 dev_warn(ddev, "%s endpoint with bmAttributes = %d in "
129 "config %d interface %d altsetting %d ep %d: "
130 "setting to zero\n",
131 usb_endpoint_xfer_control(&ep->desc) ? "Control" : "Bulk",
132 desc->bmAttributes,
133 cfgno, inum, asnum, ep->desc.bEndpointAddress);
134 ep->ss_ep_comp.bmAttributes = 0;
135 } else if (usb_endpoint_xfer_bulk(&ep->desc) &&
136 desc->bmAttributes > 16) {
137 dev_warn(ddev, "Bulk endpoint with more than 65536 streams in "
138 "config %d interface %d altsetting %d ep %d: "
139 "setting to max\n",
140 cfgno, inum, asnum, ep->desc.bEndpointAddress);
141 ep->ss_ep_comp.bmAttributes = 16;
142 } else if (usb_endpoint_xfer_isoc(&ep->desc) &&
143 !USB_SS_SSP_ISOC_COMP(desc->bmAttributes) &&
144 USB_SS_MULT(desc->bmAttributes) > 3) {
145 dev_warn(ddev, "Isoc endpoint has Mult of %d in "
146 "config %d interface %d altsetting %d ep %d: "
147 "setting to 3\n",
148 USB_SS_MULT(desc->bmAttributes),
149 cfgno, inum, asnum, ep->desc.bEndpointAddress);
150 ep->ss_ep_comp.bmAttributes = 2;
151 }
152
153 if (usb_endpoint_xfer_isoc(&ep->desc))
154 max_tx = (desc->bMaxBurst + 1) *
155 (USB_SS_MULT(desc->bmAttributes)) *
156 usb_endpoint_maxp(&ep->desc);
157 else if (usb_endpoint_xfer_int(&ep->desc))
158 max_tx = usb_endpoint_maxp(&ep->desc) *
159 (desc->bMaxBurst + 1);
160 else
161 max_tx = 999999;
162 if (le16_to_cpu(desc->wBytesPerInterval) > max_tx) {
163 dev_warn(ddev, "%s endpoint with wBytesPerInterval of %d in "
164 "config %d interface %d altsetting %d ep %d: "
165 "setting to %d\n",
166 usb_endpoint_xfer_isoc(&ep->desc) ? "Isoc" : "Int",
167 le16_to_cpu(desc->wBytesPerInterval),
168 cfgno, inum, asnum, ep->desc.bEndpointAddress,
169 max_tx);
170 ep->ss_ep_comp.wBytesPerInterval = cpu_to_le16(max_tx);
171 }
172
173 if (usb_endpoint_xfer_isoc(&ep->desc) &&
174 USB_SS_SSP_ISOC_COMP(desc->bmAttributes))
175 usb_parse_ssp_isoc_endpoint_companion(ddev, cfgno, inum, asnum,
176 ep, buffer, size);
177}
178
179static const unsigned short low_speed_maxpacket_maxes[4] = {
180 [USB_ENDPOINT_XFER_CONTROL] = 8,
181 [USB_ENDPOINT_XFER_ISOC] = 0,
182 [USB_ENDPOINT_XFER_BULK] = 0,
183 [USB_ENDPOINT_XFER_INT] = 8,
184};
185static const unsigned short full_speed_maxpacket_maxes[4] = {
186 [USB_ENDPOINT_XFER_CONTROL] = 64,
187 [USB_ENDPOINT_XFER_ISOC] = 1023,
188 [USB_ENDPOINT_XFER_BULK] = 64,
189 [USB_ENDPOINT_XFER_INT] = 64,
190};
191static const unsigned short high_speed_maxpacket_maxes[4] = {
192 [USB_ENDPOINT_XFER_CONTROL] = 64,
193 [USB_ENDPOINT_XFER_ISOC] = 1024,
194 [USB_ENDPOINT_XFER_BULK] = 512,
195 [USB_ENDPOINT_XFER_INT] = 1024,
196};
197static const unsigned short super_speed_maxpacket_maxes[4] = {
198 [USB_ENDPOINT_XFER_CONTROL] = 512,
199 [USB_ENDPOINT_XFER_ISOC] = 1024,
200 [USB_ENDPOINT_XFER_BULK] = 1024,
201 [USB_ENDPOINT_XFER_INT] = 1024,
202};
203
204static int usb_parse_endpoint(struct device *ddev, int cfgno, int inum,
205 int asnum, struct usb_host_interface *ifp, int num_ep,
206 unsigned char *buffer, int size)
207{
208 unsigned char *buffer0 = buffer;
209 struct usb_endpoint_descriptor *d;
210 struct usb_host_endpoint *endpoint;
211 int n, i, j, retval;
212 unsigned int maxp;
213 const unsigned short *maxpacket_maxes;
214
215 d = (struct usb_endpoint_descriptor *) buffer;
216 buffer += d->bLength;
217 size -= d->bLength;
218
219 if (d->bLength >= USB_DT_ENDPOINT_AUDIO_SIZE)
220 n = USB_DT_ENDPOINT_AUDIO_SIZE;
221 else if (d->bLength >= USB_DT_ENDPOINT_SIZE)
222 n = USB_DT_ENDPOINT_SIZE;
223 else {
224 dev_warn(ddev, "config %d interface %d altsetting %d has an "
225 "invalid endpoint descriptor of length %d, skipping\n",
226 cfgno, inum, asnum, d->bLength);
227 goto skip_to_next_endpoint_or_interface_descriptor;
228 }
229
230 i = d->bEndpointAddress & ~USB_ENDPOINT_DIR_MASK;
231 if (i >= 16 || i == 0) {
232 dev_warn(ddev, "config %d interface %d altsetting %d has an "
233 "invalid endpoint with address 0x%X, skipping\n",
234 cfgno, inum, asnum, d->bEndpointAddress);
235 goto skip_to_next_endpoint_or_interface_descriptor;
236 }
237
238
239 if (ifp->desc.bNumEndpoints >= num_ep)
240 goto skip_to_next_endpoint_or_interface_descriptor;
241
242
243 for (i = 0; i < ifp->desc.bNumEndpoints; ++i) {
244 if (ifp->endpoint[i].desc.bEndpointAddress ==
245 d->bEndpointAddress) {
246 dev_warn(ddev, "config %d interface %d altsetting %d has a duplicate endpoint with address 0x%X, skipping\n",
247 cfgno, inum, asnum, d->bEndpointAddress);
248 goto skip_to_next_endpoint_or_interface_descriptor;
249 }
250 }
251
252 endpoint = &ifp->endpoint[ifp->desc.bNumEndpoints];
253 ++ifp->desc.bNumEndpoints;
254
255 memcpy(&endpoint->desc, d, n);
256 INIT_LIST_HEAD(&endpoint->urb_list);
257
258
259
260
261
262 i = 0;
263 j = 255;
264 if (usb_endpoint_xfer_int(d)) {
265 i = 1;
266 switch (to_usb_device(ddev)->speed) {
267 case USB_SPEED_SUPER_PLUS:
268 case USB_SPEED_SUPER:
269 case USB_SPEED_HIGH:
270
271
272
273
274
275
276 n = fls(d->bInterval*8);
277 if (n == 0)
278 n = 7;
279 j = 16;
280
281
282
283
284
285
286
287 if (to_usb_device(ddev)->quirks &
288 USB_QUIRK_LINEAR_FRAME_INTR_BINTERVAL) {
289 n = clamp(fls(d->bInterval) + 3, i, j);
290 i = j = n;
291 }
292
293
294
295
296 if (to_usb_device(ddev)->quirks &
297 USB_QUIRK_LINEAR_UFRAME_INTR_BINTERVAL) {
298 n = clamp(fls(d->bInterval), i, j);
299 i = j = n;
300 }
301 break;
302 default:
303
304
305
306
307
308 n = 10;
309 break;
310 }
311 } else if (usb_endpoint_xfer_isoc(d)) {
312 i = 1;
313 j = 16;
314 switch (to_usb_device(ddev)->speed) {
315 case USB_SPEED_HIGH:
316 n = 7;
317 break;
318 default:
319 n = 4;
320 break;
321 }
322 }
323 if (d->bInterval < i || d->bInterval > j) {
324 dev_warn(ddev, "config %d interface %d altsetting %d "
325 "endpoint 0x%X has an invalid bInterval %d, "
326 "changing to %d\n",
327 cfgno, inum, asnum,
328 d->bEndpointAddress, d->bInterval, n);
329 endpoint->desc.bInterval = n;
330 }
331
332
333
334
335
336 if (to_usb_device(ddev)->speed == USB_SPEED_LOW &&
337 usb_endpoint_xfer_bulk(d)) {
338 dev_warn(ddev, "config %d interface %d altsetting %d "
339 "endpoint 0x%X is Bulk; changing to Interrupt\n",
340 cfgno, inum, asnum, d->bEndpointAddress);
341 endpoint->desc.bmAttributes = USB_ENDPOINT_XFER_INT;
342 endpoint->desc.bInterval = 1;
343 if (usb_endpoint_maxp(&endpoint->desc) > 8)
344 endpoint->desc.wMaxPacketSize = cpu_to_le16(8);
345 }
346
347
348 maxp = usb_endpoint_maxp(&endpoint->desc);
349
350
351 i = 0;
352 switch (to_usb_device(ddev)->speed) {
353 case USB_SPEED_LOW:
354 maxpacket_maxes = low_speed_maxpacket_maxes;
355 break;
356 case USB_SPEED_FULL:
357 maxpacket_maxes = full_speed_maxpacket_maxes;
358 break;
359 case USB_SPEED_HIGH:
360
361 if (usb_endpoint_xfer_int(d) || usb_endpoint_xfer_isoc(d)) {
362 i = maxp & (BIT(12) | BIT(11));
363 maxp &= ~i;
364 }
365
366 default:
367 maxpacket_maxes = high_speed_maxpacket_maxes;
368 break;
369 case USB_SPEED_SUPER:
370 case USB_SPEED_SUPER_PLUS:
371 maxpacket_maxes = super_speed_maxpacket_maxes;
372 break;
373 }
374 j = maxpacket_maxes[usb_endpoint_type(&endpoint->desc)];
375
376 if (maxp > j) {
377 dev_warn(ddev, "config %d interface %d altsetting %d endpoint 0x%X has invalid maxpacket %d, setting to %d\n",
378 cfgno, inum, asnum, d->bEndpointAddress, maxp, j);
379 maxp = j;
380 endpoint->desc.wMaxPacketSize = cpu_to_le16(i | maxp);
381 }
382
383
384
385
386
387
388 if (to_usb_device(ddev)->speed == USB_SPEED_HIGH
389 && usb_endpoint_xfer_bulk(d)) {
390 if (maxp != 512)
391 dev_warn(ddev, "config %d interface %d altsetting %d "
392 "bulk endpoint 0x%X has invalid maxpacket %d\n",
393 cfgno, inum, asnum, d->bEndpointAddress,
394 maxp);
395 }
396
397
398 if (to_usb_device(ddev)->speed >= USB_SPEED_SUPER)
399 usb_parse_ss_endpoint_companion(ddev, cfgno,
400 inum, asnum, endpoint, buffer, size);
401
402
403
404 endpoint->extra = buffer;
405 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
406 USB_DT_INTERFACE, &n);
407 endpoint->extralen = i;
408 retval = buffer - buffer0 + i;
409 if (n > 0)
410 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
411 n, plural(n), "endpoint");
412 return retval;
413
414skip_to_next_endpoint_or_interface_descriptor:
415 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
416 USB_DT_INTERFACE, NULL);
417 return buffer - buffer0 + i;
418}
419
420void usb_release_interface_cache(struct kref *ref)
421{
422 struct usb_interface_cache *intfc = ref_to_usb_interface_cache(ref);
423 int j;
424
425 for (j = 0; j < intfc->num_altsetting; j++) {
426 struct usb_host_interface *alt = &intfc->altsetting[j];
427
428 kfree(alt->endpoint);
429 kfree(alt->string);
430 }
431 kfree(intfc);
432}
433
434static int usb_parse_interface(struct device *ddev, int cfgno,
435 struct usb_host_config *config, unsigned char *buffer, int size,
436 u8 inums[], u8 nalts[])
437{
438 unsigned char *buffer0 = buffer;
439 struct usb_interface_descriptor *d;
440 int inum, asnum;
441 struct usb_interface_cache *intfc;
442 struct usb_host_interface *alt;
443 int i, n;
444 int len, retval;
445 int num_ep, num_ep_orig;
446
447 d = (struct usb_interface_descriptor *) buffer;
448 buffer += d->bLength;
449 size -= d->bLength;
450
451 if (d->bLength < USB_DT_INTERFACE_SIZE)
452 goto skip_to_next_interface_descriptor;
453
454
455 intfc = NULL;
456 inum = d->bInterfaceNumber;
457 for (i = 0; i < config->desc.bNumInterfaces; ++i) {
458 if (inums[i] == inum) {
459 intfc = config->intf_cache[i];
460 break;
461 }
462 }
463 if (!intfc || intfc->num_altsetting >= nalts[i])
464 goto skip_to_next_interface_descriptor;
465
466
467 asnum = d->bAlternateSetting;
468 for ((i = 0, alt = &intfc->altsetting[0]);
469 i < intfc->num_altsetting;
470 (++i, ++alt)) {
471 if (alt->desc.bAlternateSetting == asnum) {
472 dev_warn(ddev, "Duplicate descriptor for config %d "
473 "interface %d altsetting %d, skipping\n",
474 cfgno, inum, asnum);
475 goto skip_to_next_interface_descriptor;
476 }
477 }
478
479 ++intfc->num_altsetting;
480 memcpy(&alt->desc, d, USB_DT_INTERFACE_SIZE);
481
482
483
484 alt->extra = buffer;
485 i = find_next_descriptor(buffer, size, USB_DT_ENDPOINT,
486 USB_DT_INTERFACE, &n);
487 alt->extralen = i;
488 if (n > 0)
489 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
490 n, plural(n), "interface");
491 buffer += i;
492 size -= i;
493
494
495 num_ep = num_ep_orig = alt->desc.bNumEndpoints;
496 alt->desc.bNumEndpoints = 0;
497 if (num_ep > USB_MAXENDPOINTS) {
498 dev_warn(ddev, "too many endpoints for config %d interface %d "
499 "altsetting %d: %d, using maximum allowed: %d\n",
500 cfgno, inum, asnum, num_ep, USB_MAXENDPOINTS);
501 num_ep = USB_MAXENDPOINTS;
502 }
503
504 if (num_ep > 0) {
505
506 len = sizeof(struct usb_host_endpoint) * num_ep;
507 alt->endpoint = kzalloc(len, GFP_KERNEL);
508 if (!alt->endpoint)
509 return -ENOMEM;
510 }
511
512
513 n = 0;
514 while (size > 0) {
515 if (((struct usb_descriptor_header *) buffer)->bDescriptorType
516 == USB_DT_INTERFACE)
517 break;
518 retval = usb_parse_endpoint(ddev, cfgno, inum, asnum, alt,
519 num_ep, buffer, size);
520 if (retval < 0)
521 return retval;
522 ++n;
523
524 buffer += retval;
525 size -= retval;
526 }
527
528 if (n != num_ep_orig)
529 dev_warn(ddev, "config %d interface %d altsetting %d has %d "
530 "endpoint descriptor%s, different from the interface "
531 "descriptor's value: %d\n",
532 cfgno, inum, asnum, n, plural(n), num_ep_orig);
533 return buffer - buffer0;
534
535skip_to_next_interface_descriptor:
536 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE,
537 USB_DT_INTERFACE, NULL);
538 return buffer - buffer0 + i;
539}
540
541static int usb_parse_configuration(struct usb_device *dev, int cfgidx,
542 struct usb_host_config *config, unsigned char *buffer, int size)
543{
544 struct device *ddev = &dev->dev;
545 unsigned char *buffer0 = buffer;
546 int cfgno;
547 int nintf, nintf_orig;
548 int i, j, n;
549 struct usb_interface_cache *intfc;
550 unsigned char *buffer2;
551 int size2;
552 struct usb_descriptor_header *header;
553 int len, retval;
554 u8 inums[USB_MAXINTERFACES], nalts[USB_MAXINTERFACES];
555 unsigned iad_num = 0;
556
557 memcpy(&config->desc, buffer, USB_DT_CONFIG_SIZE);
558 if (config->desc.bDescriptorType != USB_DT_CONFIG ||
559 config->desc.bLength < USB_DT_CONFIG_SIZE ||
560 config->desc.bLength > size) {
561 dev_err(ddev, "invalid descriptor for config index %d: "
562 "type = 0x%X, length = %d\n", cfgidx,
563 config->desc.bDescriptorType, config->desc.bLength);
564 return -EINVAL;
565 }
566 cfgno = config->desc.bConfigurationValue;
567
568 buffer += config->desc.bLength;
569 size -= config->desc.bLength;
570
571 nintf = nintf_orig = config->desc.bNumInterfaces;
572 if (nintf > USB_MAXINTERFACES) {
573 dev_warn(ddev, "config %d has too many interfaces: %d, "
574 "using maximum allowed: %d\n",
575 cfgno, nintf, USB_MAXINTERFACES);
576 nintf = USB_MAXINTERFACES;
577 }
578
579
580
581 n = 0;
582 for ((buffer2 = buffer, size2 = size);
583 size2 > 0;
584 (buffer2 += header->bLength, size2 -= header->bLength)) {
585
586 if (size2 < sizeof(struct usb_descriptor_header)) {
587 dev_warn(ddev, "config %d descriptor has %d excess "
588 "byte%s, ignoring\n",
589 cfgno, size2, plural(size2));
590 break;
591 }
592
593 header = (struct usb_descriptor_header *) buffer2;
594 if ((header->bLength > size2) || (header->bLength < 2)) {
595 dev_warn(ddev, "config %d has an invalid descriptor "
596 "of length %d, skipping remainder of the config\n",
597 cfgno, header->bLength);
598 break;
599 }
600
601 if (header->bDescriptorType == USB_DT_INTERFACE) {
602 struct usb_interface_descriptor *d;
603 int inum;
604
605 d = (struct usb_interface_descriptor *) header;
606 if (d->bLength < USB_DT_INTERFACE_SIZE) {
607 dev_warn(ddev, "config %d has an invalid "
608 "interface descriptor of length %d, "
609 "skipping\n", cfgno, d->bLength);
610 continue;
611 }
612
613 inum = d->bInterfaceNumber;
614
615 if ((dev->quirks & USB_QUIRK_HONOR_BNUMINTERFACES) &&
616 n >= nintf_orig) {
617 dev_warn(ddev, "config %d has more interface "
618 "descriptors, than it declares in "
619 "bNumInterfaces, ignoring interface "
620 "number: %d\n", cfgno, inum);
621 continue;
622 }
623
624 if (inum >= nintf_orig)
625 dev_warn(ddev, "config %d has an invalid "
626 "interface number: %d but max is %d\n",
627 cfgno, inum, nintf_orig - 1);
628
629
630
631 for (i = 0; i < n; ++i) {
632 if (inums[i] == inum)
633 break;
634 }
635 if (i < n) {
636 if (nalts[i] < 255)
637 ++nalts[i];
638 } else if (n < USB_MAXINTERFACES) {
639 inums[n] = inum;
640 nalts[n] = 1;
641 ++n;
642 }
643
644 } else if (header->bDescriptorType ==
645 USB_DT_INTERFACE_ASSOCIATION) {
646 if (iad_num == USB_MAXIADS) {
647 dev_warn(ddev, "found more Interface "
648 "Association Descriptors "
649 "than allocated for in "
650 "configuration %d\n", cfgno);
651 } else {
652 config->intf_assoc[iad_num] =
653 (struct usb_interface_assoc_descriptor
654 *)header;
655 iad_num++;
656 }
657
658 } else if (header->bDescriptorType == USB_DT_DEVICE ||
659 header->bDescriptorType == USB_DT_CONFIG)
660 dev_warn(ddev, "config %d contains an unexpected "
661 "descriptor of type 0x%X, skipping\n",
662 cfgno, header->bDescriptorType);
663
664 }
665 size = buffer2 - buffer;
666 config->desc.wTotalLength = cpu_to_le16(buffer2 - buffer0);
667
668 if (n != nintf)
669 dev_warn(ddev, "config %d has %d interface%s, different from "
670 "the descriptor's value: %d\n",
671 cfgno, n, plural(n), nintf_orig);
672 else if (n == 0)
673 dev_warn(ddev, "config %d has no interfaces?\n", cfgno);
674 config->desc.bNumInterfaces = nintf = n;
675
676
677 for (i = 0; i < nintf; ++i) {
678 for (j = 0; j < nintf; ++j) {
679 if (inums[j] == i)
680 break;
681 }
682 if (j >= nintf)
683 dev_warn(ddev, "config %d has no interface number "
684 "%d\n", cfgno, i);
685 }
686
687
688 for (i = 0; i < nintf; ++i) {
689 j = nalts[i];
690 if (j > USB_MAXALTSETTING) {
691 dev_warn(ddev, "too many alternate settings for "
692 "config %d interface %d: %d, "
693 "using maximum allowed: %d\n",
694 cfgno, inums[i], j, USB_MAXALTSETTING);
695 nalts[i] = j = USB_MAXALTSETTING;
696 }
697
698 len = sizeof(*intfc) + sizeof(struct usb_host_interface) * j;
699 config->intf_cache[i] = intfc = kzalloc(len, GFP_KERNEL);
700 if (!intfc)
701 return -ENOMEM;
702 kref_init(&intfc->ref);
703 }
704
705
706
707
708
709 config->extra = buffer;
710 i = find_next_descriptor(buffer, size, USB_DT_INTERFACE,
711 USB_DT_INTERFACE, &n);
712 config->extralen = i;
713 if (n > 0)
714 dev_dbg(ddev, "skipped %d descriptor%s after %s\n",
715 n, plural(n), "configuration");
716 buffer += i;
717 size -= i;
718
719
720 while (size > 0) {
721 retval = usb_parse_interface(ddev, cfgno, config,
722 buffer, size, inums, nalts);
723 if (retval < 0)
724 return retval;
725
726 buffer += retval;
727 size -= retval;
728 }
729
730
731 for (i = 0; i < nintf; ++i) {
732 intfc = config->intf_cache[i];
733 for (j = 0; j < intfc->num_altsetting; ++j) {
734 for (n = 0; n < intfc->num_altsetting; ++n) {
735 if (intfc->altsetting[n].desc.
736 bAlternateSetting == j)
737 break;
738 }
739 if (n >= intfc->num_altsetting)
740 dev_warn(ddev, "config %d interface %d has no "
741 "altsetting %d\n", cfgno, inums[i], j);
742 }
743 }
744
745 return 0;
746}
747
748
749
750
751void usb_destroy_configuration(struct usb_device *dev)
752{
753 int c, i;
754
755 if (!dev->config)
756 return;
757
758 if (dev->rawdescriptors) {
759 for (i = 0; i < dev->descriptor.bNumConfigurations; i++)
760 kfree(dev->rawdescriptors[i]);
761
762 kfree(dev->rawdescriptors);
763 dev->rawdescriptors = NULL;
764 }
765
766 for (c = 0; c < dev->descriptor.bNumConfigurations; c++) {
767 struct usb_host_config *cf = &dev->config[c];
768
769 kfree(cf->string);
770 for (i = 0; i < cf->desc.bNumInterfaces; i++) {
771 if (cf->intf_cache[i])
772 kref_put(&cf->intf_cache[i]->ref,
773 usb_release_interface_cache);
774 }
775 }
776 kfree(dev->config);
777 dev->config = NULL;
778}
779
780
781
782
783
784
785
786
787int usb_get_configuration(struct usb_device *dev)
788{
789 struct device *ddev = &dev->dev;
790 int ncfg = dev->descriptor.bNumConfigurations;
791 int result = 0;
792 unsigned int cfgno, length;
793 unsigned char *bigbuffer;
794 struct usb_config_descriptor *desc;
795
796 cfgno = 0;
797 result = -ENOMEM;
798 if (ncfg > USB_MAXCONFIG) {
799 dev_warn(ddev, "too many configurations: %d, "
800 "using maximum allowed: %d\n", ncfg, USB_MAXCONFIG);
801 dev->descriptor.bNumConfigurations = ncfg = USB_MAXCONFIG;
802 }
803
804 if (ncfg < 1) {
805 dev_err(ddev, "no configurations\n");
806 return -EINVAL;
807 }
808
809 length = ncfg * sizeof(struct usb_host_config);
810 dev->config = kzalloc(length, GFP_KERNEL);
811 if (!dev->config)
812 goto err2;
813
814 length = ncfg * sizeof(char *);
815 dev->rawdescriptors = kzalloc(length, GFP_KERNEL);
816 if (!dev->rawdescriptors)
817 goto err2;
818
819 desc = kmalloc(USB_DT_CONFIG_SIZE, GFP_KERNEL);
820 if (!desc)
821 goto err2;
822
823 result = 0;
824 for (; cfgno < ncfg; cfgno++) {
825
826
827 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno,
828 desc, USB_DT_CONFIG_SIZE);
829 if (result < 0) {
830 dev_err(ddev, "unable to read config index %d "
831 "descriptor/%s: %d\n", cfgno, "start", result);
832 if (result != -EPIPE)
833 goto err;
834 dev_err(ddev, "chopping to %d config(s)\n", cfgno);
835 dev->descriptor.bNumConfigurations = cfgno;
836 break;
837 } else if (result < 4) {
838 dev_err(ddev, "config index %d descriptor too short "
839 "(expected %i, got %i)\n", cfgno,
840 USB_DT_CONFIG_SIZE, result);
841 result = -EINVAL;
842 goto err;
843 }
844 length = max((int) le16_to_cpu(desc->wTotalLength),
845 USB_DT_CONFIG_SIZE);
846
847
848 bigbuffer = kmalloc(length, GFP_KERNEL);
849 if (!bigbuffer) {
850 result = -ENOMEM;
851 goto err;
852 }
853
854 if (dev->quirks & USB_QUIRK_DELAY_INIT)
855 msleep(100);
856
857 result = usb_get_descriptor(dev, USB_DT_CONFIG, cfgno,
858 bigbuffer, length);
859 if (result < 0) {
860 dev_err(ddev, "unable to read config index %d "
861 "descriptor/%s\n", cfgno, "all");
862 kfree(bigbuffer);
863 goto err;
864 }
865 if (result < length) {
866 dev_warn(ddev, "config index %d descriptor too short "
867 "(expected %i, got %i)\n", cfgno, length, result);
868 length = result;
869 }
870
871 dev->rawdescriptors[cfgno] = bigbuffer;
872
873 result = usb_parse_configuration(dev, cfgno,
874 &dev->config[cfgno], bigbuffer, length);
875 if (result < 0) {
876 ++cfgno;
877 goto err;
878 }
879 }
880 result = 0;
881
882err:
883 kfree(desc);
884 dev->descriptor.bNumConfigurations = cfgno;
885err2:
886 if (result == -ENOMEM)
887 dev_err(ddev, "out of memory\n");
888 return result;
889}
890
891void usb_release_bos_descriptor(struct usb_device *dev)
892{
893 if (dev->bos) {
894 kfree(dev->bos->desc);
895 kfree(dev->bos);
896 dev->bos = NULL;
897 }
898}
899
900
901int usb_get_bos_descriptor(struct usb_device *dev)
902{
903 struct device *ddev = &dev->dev;
904 struct usb_bos_descriptor *bos;
905 struct usb_dev_cap_header *cap;
906 unsigned char *buffer;
907 int length, total_len, num, i;
908 int ret;
909
910 bos = kzalloc(sizeof(struct usb_bos_descriptor), GFP_KERNEL);
911 if (!bos)
912 return -ENOMEM;
913
914
915 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, bos, USB_DT_BOS_SIZE);
916 if (ret < USB_DT_BOS_SIZE) {
917 dev_err(ddev, "unable to get BOS descriptor\n");
918 if (ret >= 0)
919 ret = -ENOMSG;
920 kfree(bos);
921 return ret;
922 }
923
924 length = bos->bLength;
925 total_len = le16_to_cpu(bos->wTotalLength);
926 num = bos->bNumDeviceCaps;
927 kfree(bos);
928 if (total_len < length)
929 return -EINVAL;
930
931 dev->bos = kzalloc(sizeof(struct usb_host_bos), GFP_KERNEL);
932 if (!dev->bos)
933 return -ENOMEM;
934
935
936 buffer = kzalloc(total_len, GFP_KERNEL);
937 if (!buffer) {
938 ret = -ENOMEM;
939 goto err;
940 }
941 dev->bos->desc = (struct usb_bos_descriptor *)buffer;
942
943 ret = usb_get_descriptor(dev, USB_DT_BOS, 0, buffer, total_len);
944 if (ret < total_len) {
945 dev_err(ddev, "unable to get BOS descriptor set\n");
946 if (ret >= 0)
947 ret = -ENOMSG;
948 goto err;
949 }
950 total_len -= length;
951
952 for (i = 0; i < num; i++) {
953 buffer += length;
954 cap = (struct usb_dev_cap_header *)buffer;
955 length = cap->bLength;
956
957 if (total_len < length)
958 break;
959 total_len -= length;
960
961 if (cap->bDescriptorType != USB_DT_DEVICE_CAPABILITY) {
962 dev_warn(ddev, "descriptor type invalid, skip\n");
963 continue;
964 }
965
966 switch (cap->bDevCapabilityType) {
967 case USB_CAP_TYPE_WIRELESS_USB:
968
969 break;
970 case USB_CAP_TYPE_EXT:
971 dev->bos->ext_cap =
972 (struct usb_ext_cap_descriptor *)buffer;
973 break;
974 case USB_SS_CAP_TYPE:
975 dev->bos->ss_cap =
976 (struct usb_ss_cap_descriptor *)buffer;
977 break;
978 case USB_SSP_CAP_TYPE:
979 dev->bos->ssp_cap =
980 (struct usb_ssp_cap_descriptor *)buffer;
981 break;
982 case CONTAINER_ID_TYPE:
983 dev->bos->ss_id =
984 (struct usb_ss_container_id_descriptor *)buffer;
985 break;
986 case USB_PTM_CAP_TYPE:
987 dev->bos->ptm_cap =
988 (struct usb_ptm_cap_descriptor *)buffer;
989 default:
990 break;
991 }
992 }
993
994 return 0;
995
996err:
997 usb_release_bos_descriptor(dev);
998 return ret;
999}
1000
